Preventing Fraud: Tips for Nonprofit Organizations (article)

Employee fraud – theft, embezzlement, cash skimming and other offenses – is a greater problem now for non-profit organizations than at any time in recent memory. The poor economy, tightened budgets and reduced staffing are among the likely reasons for the increase in fraud. But these simple reasons barely skim the surface. Look deeper and it becomes clear that the true causes of the rise in fraud are far more complex. High unemployment rates have placed pressure on second-income earners as they have suddenly become the primary breadwinner. And many formerly high-income earners have been forced to accept jobs for which they are overqualified. For those working at non-profit organizations, many are dealing with lower salaries and benefits when compared to for-profit companies.

Why are non-profits so vulnerable? In a word, trust. These organizations are often based on the charity, faith and goodwill of fellow citizens. The organizations strive to create and protect a culture of trust that is oftentimes lacking at for-profit companies, and therefore don't always have the formal set of internal controls in place to guard against fraud that might otherwise be expected.

Unfortunately for many non-profits, the challenges extend beyond a lack of effective internal controls. Budgetary pressure – outside pressure from the public and government for a charity to allocate its funds to areas where it does the most good – also exposes the organization to the potential for fraud. How? Non-profits have limited funds and as a result must spend it in two key areas: the specific charitable purpose that drives the organization, and activities that raise additional funds to support that charitable purpose. That's generally what the public and the government want the non-profit to spend money on.

However, that leaves no funding for far less glamorous areas that on the surface don't seem to directly support the charity's purpose – like effective accounting systems, proper staffing, and compensation. What's wrong with that? By failing to spend money for adequate accounting systems non-profits often needlessly waste their precious dollars – money that could support the charities' mission – thanks to a lack of effective management reporting and controls.

Trust in the Absence of Internal Controls is a Recipe for Employee Theft

According to the Association of Certified Fraud Examiners' 2012 Report to the Nation on Occupational Fraud and Abuse, the median loss suffered by non-profit entities is $100,000. To put some perspective on that number, the median loss to public companies is $127,000. Keep in mind these are "median" numbers. Actual losses experienced by non-profits have been significantly larger. Few non-profits can afford losses of any size, let alone $100,000 or more. Clearly fraud – or at least the potential for fraud – is rampant at many non-profits. So how do you spot it?

There are several key risks – warning signs – that may pave the way for fraud because they make it easier for dishonest employees to engage in criminal behavior for a lengthy period of time. Among these risks are:

Inadequate internal controls

Lack of management review

Override of existing internal controls

Under staffing

Relatively low compensation, whether wages or benefits

Lack of employee training

Limits on career advancement

Employees' personal financial issues

Lack of strong company leadership

Uncovering Fraud

It takes an average of two years for fraud to be detected – and it is usually discovered in response to a tip or even by accident rather than through audits or internal controls. That means savvy organizations should take steps to prevent fraud – before a loss occurs – by conducting due diligence on employees rather than naively assuming that all employees are honest individuals.

Employees who commit fraud share several traits. Here are a few:

Employees who are overly interested in the personal lives of their co-workersThese employees like to be involved in everyone's business and want to be everybody's friend. Sure, they might be the office yenta. But, they may also be the office thief. By showing consideration for officemates, they garner trust – which, in the wrong hands, can become an opportunity for fraud.

Employees who work excessively and refuse assistanceThese employees work longer hours than their peers and refuse to take time off. Because of their constant availability and seeming dedication to the job, management often assigns them increasingly important tasks. As a result, they become solely responsible for critical tasks. With nobody looking over their shoulder, they are free to perpetrate fraud undetected.

Employees who work excessively yet keep poor accounting recordsBecause these employees appear to be working hard they are given leniency regarding their poor accounting records. As a result, the early warning signs of fraud are often missed.

Managers or supervisors with dominant or controlling personalities who refuse to delegate work or take time offThese "Type A" individuals do not delegate responsibility in order to hide and extend their fraudulent activities.

Employers Can Fight Back and Still Maintain Their Character

While many of the traits outlined are also found in conscientious and reputable employees, these traits are prevalent among white-collar criminals who commit and conceal fraud by eliminating or circumventing internal controls. Most frauds are committed by people no one would have otherwise suspected. They often start off slowly and then build as the fraudster gains more confidence. However, there are some measures you can take to mitigate your risk.

Perform background checks on employeesCreate an environment where honesty is practiced and employees feel compelled to report fraud. When hiring a new employee, do not rely solely on a trusted individual's recommendation. Instead, obtain information about a candidate from an independent third party. About 15% of employees who commit fraud are multiple offenders. About 85% of employee frauds are crimes of opportunity perpetrated by first-time offenders who believe they can avoid detection.

Maintain current and accurate accounting recordsIf your organization has difficulty in this area, your accounting department may be understaffed – a situation that could compromise internal controls. Also, accurate records make it far more difficult to propagate fraud.

Ensure your entity's Chief Executive receive financial statements directly from the bankYou should review statements before forwarding them to the employee responsible for reconciliation. If possible, cancelled checks should be sent with the bank statements and you should ask questions about specific checks to show employees that there is oversight. While this step may be difficult with larger organizations, it is recommended that the CEO have on-line access to bank accounts and cancelled checks. By having this access, he or she can periodically review this information without going through the accounting personnel.

Perform periodic reviews of all internal controlsRequest that your organization's CPA or accounting firm regularly review internal controls and periodically examine financial statements. Make these policies public so employees know fraud protection measures are in place.

Establish a fraud hotlineStudies show a fraud hotline is the easiest, most cost-effective way to uncover workplace dishonesty. Set one up and encourage employees to use it if they suspect fraud is occurring.

Cross-train your workforceThis ensures employees can review each other's work. Also, insist that employees take time off. No individual should be indispensible.

Perform periodic inventoriesHigh-value items should be inventoried more frequently. Investigate unusual shortages and inform employees that management is diligent about protecting its assets.

Review computer securityCheck for proper administrative and access rights, which should be limited by job function. Make sure passwords are required to be changed periodically and ensure there is administrator access to every computer.

Create a written fraud policyPeriodically review policy with all employees, and inform all new hires of policies. Place the fraud policy on the agenda at meetings at least once a year for all employees.

Fraud is found in all facets of business and impacts non-profits and for-profit organizations alike. Discourage fraud at your organization by taking measures designed to protect your assets and reputation. For more information on preventing fraud at your workplace, contact your local CBIZ office.

CBIZ MHM is the brand name for CBIZ MHM, LLC, a national professional services company providing tax, financial advisory and consulting services to individuals, tax-exempt organizations and a wide range of publicly-traded and privately-held companies. CBIZ MHM, LLC is a fully owned subsidiary of CBIZ, Inc. (NYSE: CBZ).